|
Everybody hates unwanted email or spam, and without an effective
anti-spam solution in place, it costs US companies an estimated $21.8
billion annually (citation: Information Week, "Spam Costs Billions"),
including infrastructure and bandwidth costs and the loss of employee
productivity. To calculate your company's cost of spam - try this
online calculator (www.google.com/postini/roi_calculator.html).
Implementing a powerful tool that helps with stopping spam in the first
place can eliminate these outside threats to productivity.
Tips for Stopping Spam
1. If you receive a "suspicious" email message - one from a sender whom
you don't know or recognize, simply delete the email. Spammers use code
in their emails that helps perpetuate the problem and opening their
emails helps them in this regard. A high-tech anti-spam solution will
often nip this problem in the bud, however.
2. Stopping spam is as easy as breaking the chain; don't perpetuate
unsolicited emails by forwarding or passing along messages that may
appear legitimate but are likely hoaxes, for example tales of criminal
activities, such as identity theft.
3. Create and utilize a "disposable" email address in place of
your primary email address when providing a contact email address for
goods and services providers on the Internet. You can forward this
disposable address to your primary address, and if the disposable
address ever gets compromised and starts receiving a lot of spam - you
can simply shut it off and create a new disposable address, stopping
the spam being sent by those particular offenders. Many businesses will
automatically add you to their email distribution lists and some may
share or sell your email address to other companies.
4. When ordering items online, do not check the box that states
"YES, I want to be contacted by select third parties concerning
products I might be interested in" or something similar.
5. When you register a domain, use a disposable email address
in place of your primary email address. Spammers will use "bot"
software which automatically "crawls" the public domain registries and
other websites to gather email addresses from these public records.
Many domain owners use a generic "administrator@" mailbox that they
only need to check occasionally. Usually, however, an anti-spam
solution, should you have one, will catch these unwanted emails.
6. When you receive unsolicited spam, do not select the box or
click the link that states you would like to be removed from their
mailing list. By sending a reply to the spammer, you will validate the
email address for them. If you're getting spam from a legitimate
business, however, asking to be removed from their mailing lists can
reduce the amount of unwanted email you receive and begin stopping the
spam you are receiving, as they are required to respect your wishes
because of the CAN-SPAM Act of 2003, a sort of middle man anti-spam solution.
7. Without a proper anti-spam solution, don't have a "catch-all" on your domain, where any mail sent to something@yourdomain.com
gets delivered even if you haven't specifically created the something@
email address. This "catch all" feature is very susceptible to the
"brute force" method of spamming, where spammers send an email to every
conceivable combination of letters and numbers, (such as a@yourdomain.com, b@yourdomain.com, c@yourdomain.com, etc.).
8. Another spamming method that is harder to defend against is the
"dictionary attack" (related to brute force spam attack) that sorts
through possible name combinations hoping to find a valid address.
Thus, a common name such as john.smith@yourdomain.com may get more spam than a more unique name like jsmith1963iscareful@yourdomain.com. Of course, it is harder to remember the "unique" email address than something like your name.
For more information on stopping spam - see the Federal Trade Commission's whitepaper on how to avoid spam emails at www.ftc.gov/bcp/edu/pubs/consumer/tech/tec02.pdf.
A Comprehensive Anti-Spam Solution
Reputation Filtering - an anti-spam solution and technique that
some email providers use - provides a powerful outer layer of defense
for stopping spam. Formerly called "blacklists," reputation filters
deliver unmatched efficacy, accurately stopping spam at the connection
level up to 80% of the time. This means they can stop the spam without
even having to scan the content. The software and appliances used for
reputation filtering in this type of anti-spam solution sometimes also
support rate limiting capabilities which intelligently slow down
suspicious senders--greatly reducing and even stopping the spam,
without the risk of false positives.
Often, an anti-spam solution will use commercially available or
open source online reputation databases for reputation scoring for IP
addresses. If an IP address has a "bad" reputation in one of these
databases due to historical monitoring and scoring of activities from
it - it will be blocked as a source of spam. The customer's score will
increase over time after spam is no longer detected from the customer's
IP address. Some services can use several metrics to score an IP
address, such as:
- An IP address' presence on multiple reliable public blacklists or open proxy lists like spamhaus.org and Spamcop.
- The number of end-user complaints associated with an IP.
- The number of messages sent to invalid "spamtrap" accounts.
- Global message volume and changes in message volume.
- Frequency of URLs appearing in spam or viral messages.
Content Scanning - Another anti-spam solution that is used
frequently involves examining the complete structure and content of a
message, including:
- content
- methods of message construction
The most effective anti-spam products use a combination of these and
other techniques, to be more efficient at stopping spam as well as to
decrease the number of "false positives," or messages stopped by the
anti-spam solution that are not actually spam. The combination of
techniques is especially useful in the current day when spam techniques
are constantly changing. Web Reputation technology measures the
behavior and traffic patterns of a website to assess its
trustworthiness. Content scanning technology determines the reputation
of any URL within a message body, so that a more accurate analysis of
the messages can be performed. This enables a certain anti-spam
solution to immediately protect its users from spam, phishing, and spyware threats distributed over email, stopping spam in its tracks.
About the Author
Jon Harmer, responsible for driving adoption and innovation for Cbeyond's
messaging and collaboration solutions, has made a significant impact on
the organization since joining the team in January 2008. He led a team
to successfully launch the Hosted Microsoft Exchange email application
to Cbeyond customers, which outpaced projected initial adoption rates
by 50 percent, and designed a custom software installer set to become
Cbeyond's first patented application which enables customers to easily
install and configure email clients. Due to these accomplishments,
Cbeyond, which offers internet and phone service
to small businesses around the country, was nominated for the Microsoft
Hosting Solutions Partner of the Year Award in 2009. Jon earned his
undergraduate degree at the Georgia Institute of Technology with a B.S.
in Management with a concentration in Information Technology and, in
2006, graduated from the Goizueta Business School at Emory University
with a MBA in Marketing and Organizational Management. To learn more
about Cbeyond, please visit www.cbeyond.net.
|
